Jump to content
Sign in to follow this  
broy12211488313522

Forced Teleportation Griefing

Recommended Posts

i was in the group of people broy1221 is talking about and yes cause one of our freinds was driving around in a car that u half have to attach to the avatar so it went with him but in reverce dirty people can use it to push traffic up and me myself didnt even have a cancel butten to stop it we was in the greifers control untill i logged out and broke conection

Share this post


Link to post
Share on other sites

I am looking for the new Force Teleportation script I saw it being used in the SandBox today but I can't seem to find one if anyone has it drop it by my SL inventory if you wish I will make some good use of it, and can think of a few things id like to try with it.

I believe that if I am right this would totally change the way StarGates for example work in Second Life and offer some new perks like the game portal you know people who made the portal guns?

Thanks :3.

Share this post


Link to post
Share on other sites


16 wrote:

oh! ok

was thought you maybe wanted the nawti one. sry

Marianne provide the link above to the proper one:

is an example script on there that show you how to use. is pretty good to make stargates and portals and stuff like that

Nah, I think she just wants to get herself perma-banned.  She did say in another thread she was quitting SL anyways.

Share this post


Link to post
Share on other sites

i thought these things were supposed to go to members that qualified for them?

or is this something else?

 

Share this post


Link to post
Share on other sites


Ceka Cianci wrote:

i thought these things were supposed to go to members that qualified for them?

or is this something else?

 

You raise a very good point here.  In his original blog post Rodvik did state:

"One of the key goals of Linden Realms was to learn more about what tools Residents could use to develop richer experiences in Second Life — and boy, did we learn a lot! In Q1 2012 , we will be releasing new tools used to develop Linden Realms, which will allow Residents to create even richer original experiences in Second Life. To prevent abuse of these tools, we will introduce a "creators" program in which verified members will be given access to these very powerful capabilities."   (my bolding)

http://community.secondlife.com/t5/Featured-News/CEO-Rodvik-Humble-Shares-Highlights-From-2011-and-his-Outlook/ba-p/1298823

Apparently the security flaw was deeper than just having the function enabled.

Regardless of who is given access to these tools, a land owner should have the ability to turn the function OFF on their property.  Really, just like 'damage,' it shouldn't be ON by default.

Share this post


Link to post
Share on other sites


Perrie Juran wrote:


Ceka Cianci wrote:

i thought these things were supposed to go to members that qualified for them?

or is this something else?

 

You raise a very good point here.  In his original blog post Rodvik did state:

"One of the key goals of Linden Realms was to learn more about what tools Residents could use to develop richer experiences in Second Life — and boy, did we learn a lot! In Q1 2012 , we will be releasing new tools used to develop Linden Realms, which will allow Residents to create even richer original experiences in Second Life. To prevent abuse of these tools, we will introduce a "creators"
program in which verified members will be given access to these very powerful capabilities
."  
(my bolding)

Apparently the security flaw was deeper than just having the function enabled.

Regardless of who is given access to these tools, a land owner should have the ability to turn the function OFF on their property.  Really, just like 'damage,' it shouldn't be ON by default.

it will be interesting to see how  long it takes  before they get this resolved..

if they haven't already..

 

Share this post


Link to post
Share on other sites

Apparently the security flaw was deeper than just having the function enabled.

Shallower, actually, in that it had nothing to do with eXperience Permissions stuff at all. It was just a simple bug in the new LSL function, llTeleportAgent(), which can be used with common old permissions, too.  

As insane as it sounds, the bug was that PERMISSION_TELEPORT, once obtained, sufficed to teleport anybody, as long as it wasn't done on the one RC version (Magnum) where the function could actually compile.

One might suppose that all this was due to some vestigial code that made Linden Realms work for Linden-owned scripts without real XP.

Share this post


Link to post
Share on other sites


Qie Niangao wrote:

Apparently the security flaw was deeper than just having the function enabled.

Shallower, actually, in that it had nothing to do with eXperience Permissions stuff at all. It was just a simple bug in the new LSL function, llTeleportAgent(), which can be used with common old permissions, too.  

As insane as it sounds, the bug was that PERMISSION_TELEPORT, once obtained, sufficed to teleport
anybody
, as long as it wasn't done on the one RC version (Magnum) where the function could actually compile.

One might suppose that all this was due to some vestigial code that made Linden Realms work for Linden-owned scripts without real XP.

Thank you for clarifying.

I still don't know what the full purpose or reason for this function is, but further enlightenment notwithstanding, I am still presently of the opinion that a land owner should have the option on this function to turn it off or on.

Share this post


Link to post
Share on other sites

just comment on this and what you said later on below

the purpose of them is is to be able to make teleporters and portals like on the Realms

"experience permissions" dont have any permissions request like we normal understand them. like you not asked on a dialog to grant or deny. an experience script can assume that you have granted permission just bc it can detect your presence

so in one sense they more properly called a assumed-permission experience i think

assumed-permission experiences are a problem except on a dedicated sim or group of sims set up specifically for this. like on linden realms. when you leave the realms sims then the assumed-permissions are revoked when done as documented

they actual quite cool how they work when implemented the proper way

+

outside of a dedicated sim/sims group tho is quite problematic how to grant/revoke assumed-permssions

what linden did was graft these realms-style functions onto the existing permissions system, so we can get the normal accept/deny dialog. so thats ok

when they done the graft linden not implement it properly. was a case of WOMDCAC. works on my dev computer and channel

so what happened was some people made scripts that grab avatar uuids. a assumed-permission is then granted on other channels to the script and woosh!!!

you have to mod/write extra stuff to make a nawti one to do that way. like actual grab the uuids and then invoke the woosh

+

seems like linden has fixed now so will be ok

altho is a deeper problem i think. stuff not being tested properly. hopefully this will be a wake up for linden and they will be more careful to actual test stuff better in future

Share this post


Link to post
Share on other sites


Perrie Juran wrote:

I am still presently of the opinion that a land owner should have the option on this function to turn it off or on.


if was me i would make assumed-permissions a group enabled experience

if the script belong/assigned to the group and the player is wearing the group tag then the assumed permissions can apply. if not then they cant

that way is not parcel or land based. group owners can also then add/remove parcels to the group. where that can be tested for

so is a check server side

if isSameGroup then can assume permission when avatar is detected anywhere on the grid

if isSamegroup and isOverGroupLand then can assume and do/allow group land stuff

+

could also then make groups scriptable levels as well. that be quite good bc can then ask if avatar is in a level. like:

if isSameGroup and isGroupLevel("killonsight") then power up armor

if isSameGroup and isGroupLevel("goldcustomer") then give them some gold stuff

if isSameGroup and isGroupLevel("clubvip") then teleport to vip room

stuff like that

Share this post


Link to post
Share on other sites

LOL I am looking for the so called naughty one technically, and will be searching google until I find it.

Well I am looking for the one like Linden Lab has at the welcome areas where you just bump into the object and you are teleported to a destination I think it is pretty awesome so technically I guess people could abuse and have been but I like the way it works it can be used for some good purposes :3.

Some people are calling this an Exploit I am not sure if it is that.

Share this post


Link to post
Share on other sites


Perrie Juran wrote:


Ceka Cianci wrote:

i thought these things were supposed to go to members that qualified for them?

or is this something else?

 

You raise a very good point here.  In his original blog post Rodvik did state:

"One of the key goals of Linden Realms was to learn more about what tools Residents could use to develop richer experiences in Second Life — and boy, did we learn a lot! In Q1 2012 , we will be releasing new tools used to develop Linden Realms, which will allow Residents to create even richer original experiences in Second Life. To prevent abuse of these tools, we will introduce a "creators"
program in which verified members will be given access to these very powerful capabilities
."  
(my bolding)

The lindens have a history of being poor judges of character and working with people of shady ethics as a result...

 

Share this post


Link to post
Share on other sites

Yeah this is exactly what I was talking about I remember when I accidently bumped a Linden Realm teleporter i was instantly taken there, I feel this is a very great feature, and it is sad that such had to be abused recently because of not I had some good uses for such.... This is exactly what I talk about stupid griefers... Anyways I suppose if they add a feature similar to the Debit permissions that grants an object permissions to teleport you it wouldn't be so bad because then you grant it permission one time, and it has permission when you bump into it to teleport you...

However this can still be used as a griefer function by using a hud to spam a persons client with multiple objects so that their client crashes add that to all the known griefs you still have a griefer tool just not a teleportation grief, although maybe LL will come up to a solution to this although some clients actually have a block spam feature that works fairly well.

I can't wait for some of these new features :3.

Share this post


Link to post
Share on other sites

when linden fix the request permission for the normal style permissions system then we will get some of the things like autoteleport. wont be able to auto-teleport anyone tho without them agreeing by click the dialog. same like how animate requests work

+

the full on experience permissions like in the video we not going to get except under some yet unknown controlled system. dont think linden even knows how they going to do that yet. except by sandbox the sims like how they done on Realms

i am vote for a group permissions system. but might be to expensive to do. like have to make a whole new groups system to do i think. is maybe possible bc the normal groups system is kinda broken anyways bc of the load it now under

Share this post


Link to post
Share on other sites

the full on experience permissions like in the video we not going to get except under some yet unknown controlled system. dont think linden even knows how they going to do that yet. except by sandbox the sims like how they done on Realms

i am vote for a group permissions system. but might be to expensive to do. like have to make a whole new groups system to do i think. is maybe possible bc the normal groups system is kinda broken anyways bc of the load it now under

I'm not sure I'd favor group-based experience permissions. (I would favor a ground-up re-write of the groups system, but that's a different discussion.)

Overall, I think we need something more like the Android app permissions system, where we explicitly grant a bundle of permissions to an "experience", and then scripts that are part of that experience (share some secret token) can exercise those permissions until we decide to revoke them, as if we were uninstalling an app.

We really, really need to be able to revoke experience permissions, and review which experiences have which permissions on us.

There are lots of details hiding behind that magical "secret token" I invoked above. It's a fun design problem, but the Lindens have kept this whole experience tools thing shrouded in mystery wrapped in NDAs.

And we see how well that's worked out.

Share this post


Link to post
Share on other sites


Qie Niangao wrote:

We really,
really
need to be able to revoke experience permissions, and review which experiences have which permissions on us.

There are lots of details hiding behind that magical "secret token" I invoked above. It's a fun design problem

am agree about being able to revoke permissions. would just argue that if can revoke permissions then cant execute them yourself. like if you can revoke permissions to stop someone else shooting you with a portal gun then your portal gun shouldnt be able to work either

is why i thought some kinda group tag would be the easy way to enable/disable things. if not wear the group level tag then can wander round OOC all day and nothing will happen to you on the arena and you cant do anything to others either. no matter how many scripts you loaded up with

+

have no idea what linden is doing really. i never get invited to any sekrit meetings ever

unless the secret token is done soemhow like a temp session key then cant see how is going to stay secret for very long   

 

 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

×
×
  • Create New...